Belgian authority finds IAB Europe’s consent pop-ups incompatible with the GDPR
Following a number of complaints filed in 2018 and 2019, including by EDRi-members Panoptykon and Bits of Freedom, and coordinated by the Irish Council for Civil Liberties, the Belgian Data Protection Authority has found that the consent system developed and managed by the adtech industry body IAB Europe, and used by many websites in the EU, is illegal under the GDPR.
Filter resources
-
Belgian authority finds IAB Europe’s consent pop-ups incompatible with the GDPR
Following a number of complaints filed in 2018 and 2019, including by EDRi-members Panoptykon and Bits of Freedom, and coordinated by the Irish Council for Civil Liberties, the Belgian Data Protection Authority has found that the consent system developed and managed by the adtech industry body IAB Europe, and used by many websites in the EU, is illegal under the GDPR.
Read more
-
How it started, how it’s going: Halfway through the current European Commission’s legislative term
In January 2022, EDRi held a panel at its annual flagship event Privacy Camp to discuss the EU’s current legislative term and what to expect by the next EU elections in terms of digital rights.
Read more
-
Chat control: 10 principles to defend children in the digital age
The automated scanning of everyone’s private communications, all of the time, constitutes a disproportionate interference with the very essence of the fundamental right to privacy. It can constitute a form of undemocratic mass surveillance, and can have severe and unjustified repercussions on many other fundamental rights and freedoms, too.
Read more
-
Framing the future of the internet
The European Parliament has just voted on the Digital Services Act, crucial for internet regulation.
Read more
-
Online Safety Bill: Kill Switch for Encryption
Of the many worrying provisions contained within the draft Online Safety Bill, perhaps the most consequential is contained within Chapter 4, at clauses 63-69. This section of the Bill hands OFCOM the power to issue “Use of Technology Notices” to search engines and social media companies.
Read more
-
Orwell’s Wallet: European electronic identity system leads us straight into surveillance capitalism
In June 2021 the European Commission launched a reform of the 2014 eIDAS Regulation to overhaul Europe’s framework for electronic identity (eID) systems. This ambitious reform tries to create a counterbalance to the widespread login systems of Google, Facebook and Apple, as well as to provide widely-adopted eID systems for eGovernment and eCommerce applications to the population.
Read more
-
A beginner’s guide to EU rules on scanning private communications: Part 2
Vital EU rules on human rights and on due process protect all of us from unfair, arbitrary or discriminatory interference with our privacy by states and companies. As we await the European Commission’s proposal for a law which we fear may make it mandatory for online chat and email services to scan every person’s private messages all the time, which may constitute mass surveillance, this blog explores what rights-respecting investigations into child sexual abuse material (CSAM) should look like instead.
Read more
-
European Parliament approves rights-respecting DSA & proposes ban on use of sensitive personal data for online ads
Today's upcoming vote by the European Parliament's (EP) on the Digital Services Act (DSA) is expected to be a good step forward in protecting people’s rights on the internet, including freedom of expression and information, right to safety and the right to privacy, which EDRi has strongly and consistently advocated for.
Read more
-
The EU’s own ‘Snowden Scandal’: Europol’s Data Mining
On 3 January 2022, the European Data Protection Supervisor (EDPS), which supervises the processing of personal data by the EU’s law enforcement agency, Europol, ordered Europol to delete data held in its databases on individuals with no established link to criminal activity.
Read more
-
Online surveillance thrives when fear takes over
European law-enforcement agencies have been pushing to end encryption and survey everyone’s online communications.
Read more
-
E-evidence regulation: Why it matters for medical confidentiality?
Access to health data by foreign authorities in the context of a criminal investigation – be it intentional or not – needs to be carefully regulated as it also impacts doctors’ legal and ethical duties.
Read more
-
Opinion on the Passenger Name Record CJEU case
In Case-817/19, Belgium’s Constitutional Court has asked the EU Court of Justice whether the PNR Directive (2016/681) is compatible with the Charter of Fundamental Rights. The hope must be that the Court will stand up for the rights of individuals, enforce the Charter of Fundamental Rights, and declare the PNR Directive (like the Data Retention Directive) to be fundamentally in breach of the Charter.
Read more